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Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )KI Responsive to communication(s) filed on 1 1 September 2009 . 
2a )^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 41,47,48,50 and 53-58 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 13 Claim(s) 41.47.48.50.53-58 is/are rejected. 

7) 0 Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

The instant application having Application No. 10/769,415 is presented for 
examination by the examiner. Claims 41, 47, 48, 50, and 53-58 are pending. 

Response to Amendment 

Claim Rejections - 35 USC § 101 

Current amendments to the specification and claim cancellations are sufficient in 
overcoming the previous 101 rejections. 



Claim Rejections - 35 USC §112 

Current amendments to the claims and claim cancellations are sufficient in 
overcoming the previous 112 rejections. 



Response to Arguments 

Applicant's arguments filed 9/1 1/09 have been fully considered but they are not 
persuasive. The following interpretation of the prior art is solely based on the current 
set of claims and arguments submitted by the Applicant. It is not the only possible 
interpretation of the prior art and may be altered when/if the claims and/or arguments 
change. 
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Applicant has alleged that the amendment of a first and second file system 
overcomes the prior art of record, hereinafter Dalton. Examiner respectfully disagrees 
because the numbering of the file systems does not imply they are functionally different 
nor have different properties. True, the numbering does make them distinguishable by 
giving them a unique label, but in no way does that require more than Dalton teaches. 
Dalton discloses the main file system is divided up into non overlapping sections. One 
could easily give these file system sections names (0025). Consider the following 
analogy. A car has four tires. The left front tire could be referred to as the first tire and 
the right front tire could be referred to as the second tire. Thus, they are distinguishable 
but the first tire and the second tire can still be the same type, make, model, and size. 
One could reverse the naming scheme and call the left front tire number two for 
instance and vise versa. To that end, they still share the same properties. The subset 
of the file system of Dalton can be referred to by an arbitrary numbering scheme. The 
newly amended claims do not require that the file systems somehow be different. Thus, 
the rejection must be maintained. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
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applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 41, 47, 48, 50, and 53-58 are rejected under 35 U.S.C. 102(e) as being 
anticipated by USP Application Publication 2003/0172109, to Dalton et al., hereinafter 
Dalton. 

As per claim 41 , Dalton teaches a computer readable medium comprising a set 
of one or more instructions which, when executed by one or more processors, cause 
the one or more processors to perform the method of: 

in an operating system environment controlled by a single operating system 
kernel instance (0022), establishing a global zone [operating system as a whole] 
comprising a first non-global zone [compartments; 0021], wherein the first non-global 
zone comprises a first file system [main file system; 0025] and wherein the global zone 
comprises a second file system [restricted file system; 0023]; 

receiving, from a first process, a first request to perform a first operation [0061], 
wherein the first process is associated with a first set of privileges [tags or labels] and is 
executed by at least one of the one or more processors, and wherein the first set of 
privileges restrict the first process to the first non-global zone [not permitted to change 
to the root of the file system; 0061]; 

in response to the first request, determining whether performing the first 
operation is within the first set of privileges (0061 ); and 
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denying the first request if performing the first operation is not within the first set 
of privileges (0063). 

Claim 54 is rejected for the same reasons as claim 41 . 

As per claims 47 and 55, Dalton teaches performing the first operation comprises 
accessing an object, the method further comprising: determining whether the first 
process has permission to access the object [preventing transitioning to root and 
restricting a process to only those objects in its compartment; 0025]. 

As per claims 48 and 56, Dalton teaches the first operation includes one of: 
mounting/unmounting a file system, overriding file system permissions, binding to a 
privileged network port, and controlling other processes with different user identifiers 
[0043; binding to a privileged network port]. 

As per claims 50 and 57, Dalton teaches receiving, from a second process 
associated with a second set of privileges [its own specific labels or tags], a second 
request to perform a second operation (0061), wherein the second process is executing 
in the global zone, and wherein the second process is executed by at least one of the 
one or more processors (0061 ); 

in response to the second request, determining whether performing the second 
operation is within the second set of privileges (0061); and 

denying the second request if performing the second operation is not within the 
second set of privileges (0063). This request would be executed if the application has 
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the label or tags to permit it to transition to the root of the file system, thus out of one of 
the compartments [non-global zone]. 

As per claims 53 and 58, Dalton teaches the second operation includes one of: 
modifying all process privileges, writing to system administration file, opening device 
holding kernel memory, modifying operating system code, accessing file systems 
restricted to root user, setting the system clock, changing scheduling priority of an 
executing process, reserving resources for an application, directly accessing a network 
layer and loading kernel modules [0061-0063; application is preventing from gaining 
admin level privileges]. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is 
(571)270-7316. The examiner can normally be reached on Monday - Thursday, 7:30am 
- 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, William Korzuch can be reached on 571-272-7589. The fax 
phone number for the organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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